Receive the latest mybusiness news
Copyright © 2020 MOMENTUMMEDIA

$50,000 loss as hacker takes control of invoicing

Adam Zuchetti
Adam Zuchetti
12 August 2019 3 minute readShare

Scammers are set to make a record haul from Australians this year, the ACCC has warned as part of National Scams Awareness Week, amid claims that one business lost $50,000 after its invoicing system was compromised.

August 12 to 16 marks the government-led awareness campaign, in a bid to highlight the dangers that scammers pose to businesses and individuals alike.

According to the ACCC, accumulated losses to scammers are forecast to hit $532 million by the end of 2019 — the first time the figure has breached the half-a-billion-dollar mark. And that is just what is reported to authorities.

“Many people are confident they would never fall for a scam, but often it’s this sense of confidence that scammers target,” said Delia Rickard, deputy chair of the ACCC.

“People need to update their idea of what a scam is so that we are less vulnerable. Scammers are professional businesses dedicated to ripping us off. They have call centres with convincing scripts, staff training programs and corporate performance indicators their ‘employees’ need to meet.”

The competition regulator, which also oversees the reporting of scams nationally, said that investment-related scams continue to generate the biggest losses, accounting for almost half of all monies fleeced. They also tend to be the most convincing and sophisticated, the ACCC warned.

Meanwhile, cryptocurrency investment scams have never been bigger, netting a record $14.76 million in the first seven months of the year in losses reported to the ACCC — many led by fake celebrity endorsements or online trading platforms to appear legitimate.

Business left $50,000 out of pocket

Meanwhile, cyber security company CTRL Group reported a surge in cases of invoice fraud that are targeting Australian SMEs.

“One business recently lost over $50,000 as a result of a hacker taking control of the email of the person responsible for invoicing who was on maternity leave. The hacker then used this access to re-issue unpaid invoices with different account payment details and a note explaining the change of account,” said Bastien Treptel, the group’s founder who describes himself as a “reformed black-hat hacker”.

“By the time everyone realised what had happened, the new account had been wiped clean and shut down.”

Mr Treptel said that far from being remote targets, cyber security breaches are “one of the largest business risks they face”.

In a stark warning to business owners, he said that “small businesses are going to experience a wave of repercussions if they continue to ignore the basic security measures and don’t aim to limit the risks”.

“Hackers are no longer the typical hooded criminal in a basement with a binary code on the screen — we are now under threat by large-scale criminal organisations located all around the world.”

He added that “any business in Australia that turns over $3 million annually faces the same obligations and financial penalties associated with the Notifiable Data Breach scheme under the Privacy Act”.

Earlier this month, Australian fintech EFTsure revealed that it had secured $2.5 million in funding from venture capital firm Our Innovation Fund (OIF) to further expand its payment protection platform, which its CEO and co-founder said was designed to combat this exact problem.

“Cybercrime targeted at businesses is fuelled by a perfect storm of email usage, social engineering and gaps in payment systems. The result is that businesses aren’t paying who they think they’re paying,” its CEO and co-founder, Mark Chazan, said.

“This is what’s driving demand for our solution, and we’re excited that this new round of investment will enable us to meet that demand.”

Tax-related scams also cause for concern

The ATO is a regular victim of impersonation scams. It said that in 2018 alone, a total of 114,625 such scams had been reported.

From these, Aussie taxpayers were duped out of more than $2.8 million, with over 21,000 “potentially compromised personal identities”.

“Many Australians believe they would never fall victim to a scam and could confidently spot one or know what to do if they were targeted,” the Tax Office said.

“However, scammers are becoming more sophisticated, and cyber criminals work hard at this time of year to get as much information about you to commit tax fraud in your name.”

It urged businesses to be aware of anyone seeking to “confirm” your details, and to verify that any such request is legitimate with the person they claim to be before providing any money or information.

The ATO also advises keeping electronic devices up to date with the latest security updates, running regular anti-virus scans on devices, monitoring financial and email accounts for suspicious activity and verifying any payment arrangements with the ATO either directly or with their accountant/tax agent.

‘Anyone could fall victim’

The ACCC’s Ms Rickard warned all Australians to be vigilant, with particular reference to online advertisements.

“Our advice is to be wary of ads you see on the internet. Don’t be persuaded by celebrity endorsements or ‘not-to-be-missed’ opportunities. You never know for certain who you’re dealing with or whether they’re credible,” she said.

“If you think you’re speaking to a friend on social media, call them or find another way to contact them before acting on any advice that might result in you giving away your personal details or money.”

She added: “Anyone could fall victim and no one is ‘too smart to be scammed’. Always ask yourself, ‘could this be a scam?’, and if you’re ever in doubt, decline the contact or hang up the phone — it’s often the safest option.”

This email address is being protected from spambots. You need JavaScript enabled to view it.

$50,000 loss as hacker takes control of invoicing
mybusiness logo
Adam Zuchetti
Adam Zuchetti

Adam Zuchetti is the former editor of MyBusiness and a senior freelance media professional, specialising in the fields of business, personal finance and property. In 2020, he also embarked on his own business journey – inspired in part by the entrepreneurs and founders he had met through his journalistic work – with the launch of customised pet gifting and subscription service Paws N’ All.

Leave a Comment

Latest poll

How satisfied are you with the SME measures in the federal budget?